Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
File: 52630693-0f5d-4126-ba07-ad0c0c999660.roa (raw, json)
Hash identifier: 9SLsaD618BVEUBVfWS8RQKfnYdgSQSzBuqf5Z1su2Tw=
Subject key identifier: E5:46:E9:8B:F3:0B:25:E6:F6:5F:A1:9F:00:7B:00:89:29:35:FD:B2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 360180832787A0865EA915A916D35814FBA9E5F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
Signing time: Tue 21 Oct 2025 13:50:06 +0000
ROA not before: Tue 21 Oct 2025 13:50:06 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d071:e000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:01:80:83:27:87:a0:86:5e:a9:15:a9:16:d3:58:14:fb:a9:e5:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 13:50:06 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=6497ea35ea867ce29ba3cdcba9484b94d47afbea9a8f3e6701e3a20d7bb2eedd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:ee:19:58:0d:61:f6:8c:bb:9e:66:9a:62:a3:
be:dd:f0:f5:49:8e:fc:ab:2a:f6:7e:91:58:d3:dc:
d4:20:64:91:cc:3f:60:5f:2a:0f:44:fe:1d:7c:fc:
43:25:60:8b:47:55:eb:7e:c9:25:cc:e8:a2:85:eb:
b2:cb:aa:04:38:af:bc:df:55:e1:a8:75:a7:c1:27:
52:bc:5e:9e:00:84:cd:29:21:db:c7:95:c1:61:c5:
cb:2d:dc:21:1b:ce:6d:33:53:16:31:cc:8e:95:8f:
d2:5f:e3:9e:dc:73:5e:2b:79:48:f5:9e:69:d3:17:
a7:2f:6a:7e:31:14:19:99:a0:14:ff:07:cd:af:58:
55:6c:53:b7:8f:5f:3f:ef:48:ee:f7:b6:da:40:4e:
41:7b:66:8c:e2:d5:8d:8d:70:b4:08:35:6b:21:e5:
34:ee:f2:81:ca:f3:d8:b3:79:2d:0b:8f:a9:61:4f:
e3:12:b4:4b:29:2c:cc:72:75:6d:02:04:71:71:19:
05:94:fe:56:4a:8c:97:32:8e:3d:05:1e:4c:10:24:
54:b0:68:c2:fc:cf:e1:a3:ad:da:ba:0c:2a:47:b4:
21:fb:c2:fc:e0:76:10:23:94:68:41:b5:7c:9c:ce:
62:64:a9:69:ea:3e:d1:c7:11:a5:c4:9a:c1:a0:cb:
f6:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:46:E9:8B:F3:0B:25:E6:F6:5F:A1:9F:00:7B:00:89:29:35:FD:B2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/52630693-0f5d-4126-ba07-ad0c0c999660.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d071:e000::/40
Signature Algorithm: sha256WithRSAEncryption
42:a1:f6:50:c1:8a:d6:05:20:e7:4e:f4:9c:11:bf:0a:6d:cf:
05:87:ee:09:7b:e8:8d:a9:41:e4:d5:5e:10:f4:b7:34:ca:3f:
b8:f5:30:31:67:47:64:e1:27:f9:0a:0a:39:bd:62:7b:c6:d4:
36:92:1d:bc:13:b6:60:d5:78:d6:25:11:79:23:1f:30:4a:85:
14:bd:97:9e:f9:a7:c2:b1:16:9e:84:9d:d6:a3:56:3c:72:75:
24:cf:3e:74:d5:31:bb:42:f6:f2:4b:7e:88:68:7b:e6:e1:f2:
f0:63:d8:08:6c:0f:7d:1c:85:e5:80:32:41:c5:0c:b9:2a:d1:
63:2a:5d:99:f9:7e:6e:3b:6c:f5:78:c6:28:96:e1:3d:e9:37:
8c:4e:dc:fe:ae:b5:ca:c0:94:86:49:62:bf:72:be:f2:46:fb:
f6:f8:4b:9d:94:46:fb:ae:0e:6a:e8:c3:1d:c8:8b:89:32:c1:
a0:f9:a6:1b:37:e2:c4:79:a1:cc:95:79:ed:0f:c5:61:1a:8f:
0c:5e:cc:89:d7:21:94:fe:02:50:64:17:b8:32:0c:0d:7a:17:
53:a8:aa:72:93:00:50:83:df:63:13:4f:96:23:09:ab:f5:f1:
1a:24:71:e6:7a:32:c6:fb:f3:c0:46:84:ce:6f:b6:c5:4f:dc:
6e:25:a9:fc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNgGAgyeHoIZeqRWpFtNYFPup5fIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExMzUwMDZaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0OTdlYTM1ZWE4NjdjZTI5YmEzY2RjYmE5NDg0Yjk0ZDQ3YWZiZWE5YThm
M2U2NzAxZTNhMjBkN2JiMmVlZGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOnuGVgNYfaMu55mmmKjvt3w9UmO/Ksq9n6RWNPc1CBkkcw/YF8qD0T+HXz8
QyVgi0dV637JJczoooXrssuqBDivvN9V4ah1p8EnUrxengCEzSkh28eVwWHFyy3c
IRvObTNTFjHMjpWP0l/jntxzXit5SPWeadMXpy9qfjEUGZmgFP8Hza9YVWxTt49f
P+9I7ve22kBOQXtmjOLVjY1wtAg1ayHlNO7ygcrz2LN5LQuPqWFP4xK0SykszHJ1
bQIEcXEZBZT+VkqMlzKOPQUeTBAkVLBowvzP4aOt2roMKke0IfvC/OB2ECOUaEG1
fJzOYmSpaeo+0ccRpcSawaDL9mECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTlRumL
8wsl5vZfoZ8AewCJKTX9sjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI2MzA2OTMtMGY1ZC00MTI2LWJhMDctYWQwYzBjOTk5NjYwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HHg
MA0GCSqGSIb3DQEBCwUAA4IBAQBCofZQwYrWBSDnTvScEb8Kbc8Fh+4Je+iNqUHk
1V4Q9Lc0yj+49TAxZ0dk4Sf5Cgo5vWJ7xtQ2kh28E7Zg1XjWJRF5Ix8wSoUUvZee
+afCsRaehJ3Wo1Y8cnUkzz501TG7QvbyS36IaHvm4fLwY9gIbA99HIXlgDJBxQy5
KtFjKl2Z+X5uO2z1eMYoluE96TeMTtz+rrXKwJSGSWK/cr7yRvv2+EudlEb7rg5q
6MMdyIuJMsGg+aYbN+LEeaHMlXntD8VhGo8MXsyJ1yGU/gJQZBe4MgwNehdTqKpy
kwBQg99jE0+WIwmr9fEaJHHmejLG+/PARoTOb7bFT9xuJan8
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:15:06 2025 by rpki-client